From patchwork Fri Apr 12 02:10:05 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Li RongQing <lirongqing@baidu.com>
X-Patchwork-Id: 10897133
Return-Path: <linux-nvdimm-bounces@lists.01.org>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
 [172.30.200.125])
	by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 068371800
	for <patchwork-linux-nvdimm@patchwork.kernel.org>;
 Fri, 12 Apr 2019 02:10:33 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id D1C6E28E0C
	for <patchwork-linux-nvdimm@patchwork.kernel.org>;
 Fri, 12 Apr 2019 02:10:32 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id C631228E36; Fri, 12 Apr 2019 02:10:32 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI,
	RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1
Received: from ml01.01.org (ml01.01.org [198.145.21.10])
	(using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 4F7D228E38
	for <patchwork-linux-nvdimm@patchwork.kernel.org>;
 Fri, 12 Apr 2019 02:10:32 +0000 (UTC)
Received: from [127.0.0.1] (localhost [IPv6:::1])
	by ml01.01.org (Postfix) with ESMTP id E3E092120ADCB;
	Thu, 11 Apr 2019 19:10:31 -0700 (PDT)
X-Original-To: linux-nvdimm@lists.01.org
Delivered-To: linux-nvdimm@lists.01.org
Received-SPF: Pass (sender SPF authorized) identity=mailfrom;
 client-ip=61.135.168.57; helo=tc-sys-mailedm04.tc.baidu.com;
 envelope-from=lirongqing@baidu.com; receiver=linux-nvdimm@lists.01.org
Received: from tc-sys-mailedm04.tc.baidu.com (mx57.baidu.com [61.135.168.57])
 by ml01.01.org (Postfix) with ESMTP id A20AA211EB2B8
 for <linux-nvdimm@lists.01.org>; Thu, 11 Apr 2019 19:10:08 -0700 (PDT)
Received: from localhost (cp01-cos-dev01.cp01.baidu.com [10.92.119.46])
 by tc-sys-mailedm04.tc.baidu.com (Postfix) with ESMTP id 56CCA236C005
 for <linux-nvdimm@lists.01.org>; Fri, 12 Apr 2019 10:10:06 +0800 (CST)
From: Li RongQing <lirongqing@baidu.com>
To: linux-nvdimm@lists.01.org
Subject: [PATCH] acpi/nfit: ensure that intel passphrase length is not larger
 than nvdimm
Date: Fri, 12 Apr 2019 10:10:05 +0800
Message-Id: <1555035005-6070-1-git-send-email-lirongqing@baidu.com>
X-Mailer: git-send-email 1.7.1
X-BeenThere: linux-nvdimm@lists.01.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Linux-nvdimm developer list." <linux-nvdimm.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/linux-nvdimm>,
 <mailto:linux-nvdimm-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/linux-nvdimm/>
List-Post: <mailto:linux-nvdimm@lists.01.org>
List-Help: <mailto:linux-nvdimm-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/linux-nvdimm>,
 <mailto:linux-nvdimm-request@lists.01.org?subject=subscribe>
MIME-Version: 1.0
Errors-To: linux-nvdimm-bounces@lists.01.org
Sender: "Linux-nvdimm" <linux-nvdimm-bounces@lists.01.org>
X-Virus-Scanned: ClamAV using ClamSMTP

Both are same now, but if length of nvdimm passphrase is changed to
less than intel passphrase length, OOB access will happen

Signed-off-by: Li RongQing <lirongqing@baidu.com>
---
 drivers/acpi/nfit/intel.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/drivers/acpi/nfit/intel.c b/drivers/acpi/nfit/intel.c
index f70de71f79d6..9517fb0fd8b9 100644
--- a/drivers/acpi/nfit/intel.c
+++ b/drivers/acpi/nfit/intel.c
@@ -248,6 +248,8 @@ static int __maybe_unused intel_security_erase(struct nvdimm *nvdimm,
 		},
 	};
 
+	BUILD_BUG_ON(NVDIMM_PASSPHRASE_LEN < ND_INTEL_PASSPHRASE_SIZE);
+
 	if (!test_bit(cmd, &nfit_mem->dsm_mask))
 		return -ENOTTY;